Skip to main content

Tidb

7 CVEs product

Monthly

CVE-2024-41433 CRITICAL POC Act Now

PingCAP TiDB v8.1.0 was discovered to contain a buffer overflow via the component expression.ExplainExpressionList. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Tidb
NVD GitHub
CVSS 3.1
9.8
EPSS
0.6%
CVE-2024-41434 MEDIUM POC This Month

PingCAP TiDB v8.1.0 was discovered to contain a buffer overflow via the component (*Column).GetDecimal. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Tidb
NVD GitHub
CVSS 3.1
4.3
EPSS
0.4%
CVE-2024-35618 HIGH This Week

PingCAP TiDB v7.5.1 was discovered to contain a NULL pointer dereference via the component SortedRowContainer. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Tidb
NVD GitHub
CVSS 3.1
7.5
EPSS
0.4%
CVE-2024-33809 MEDIUM This Month

PingCAP TiDB v7.5.1 was discovered to contain a buffer overflow vulnerability, which could lead to database crashes and denial of service attacks. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Tidb
NVD GitHub
CVSS 3.1
6.5
EPSS
0.4%
CVE-2022-3023 Go CRITICAL PATCH Act Now

Use of Externally-Controlled Format String in GitHub repository pingcap/tidb prior to 6.4.0, 6.1.3. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Tidb
NVD GitHub
CVSS 3.1
9.8
EPSS
0.6%
CVE-2022-34969 HIGH POC This Week

PingCAP TiDB v6.1.0 was discovered to contain a NULL pointer dereference. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Tidb
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-31011 Go HIGH PATCH This Week

TiDB is an open-source NewSQL database that supports Hybrid Transactional and Analytical Processing (HTAP) workloads. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Authentication Bypass Tidb
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

PingCAP TiDB v8.1.0 was discovered to contain a buffer overflow via the component expression.ExplainExpressionList. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Tidb
NVD GitHub
EPSS 0% CVSS 4.3
MEDIUM POC This Month

PingCAP TiDB v8.1.0 was discovered to contain a buffer overflow via the component (*Column).GetDecimal. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Tidb
NVD GitHub
EPSS 0% CVSS 7.5
HIGH This Week

PingCAP TiDB v7.5.1 was discovered to contain a NULL pointer dereference via the component SortedRowContainer. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Tidb
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM This Month

PingCAP TiDB v7.5.1 was discovered to contain a buffer overflow vulnerability, which could lead to database crashes and denial of service attacks. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Tidb
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

Use of Externally-Controlled Format String in GitHub repository pingcap/tidb prior to 6.4.0, 6.1.3. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Tidb
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC This Week

PingCAP TiDB v6.1.0 was discovered to contain a NULL pointer dereference. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Tidb
NVD GitHub
EPSS 0% CVSS 7.8
HIGH PATCH This Week

TiDB is an open-source NewSQL database that supports Hybrid Transactional and Analytical Processing (HTAP) workloads. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Authentication Bypass Tidb
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy